Would You Fall For a Spoofing Attack?

Would You Fall For a Spoofing Attack?

What if someone wants into your practice? What if they want money? What’s the easiest way in?

If you said email, you’re correct. And it’s not just the biggest companies that are susceptible. Your practice is more than large enough to gain precisely what they desire.

According to Verizon’s 2018 Data Breach Investigation Report:

  • 76 percent of all breaches are financially motivated
  • 68 percent of those took months to discover
  • 58 percent of all security breach victims are small businesses
  • Healthcare is one of the top five industries experiencing the most breaches

Still think you’re not at risk?

What’s easier: getting $1 million from one organization, or $1,000 from 1,000 organizations? Many businesses assume cybercriminals will try for the biggest payday. But why make yourself vulnerable to tougher security practices, when it can be much easier sliding in through an open door?

And that’s where spoofing has power.

Spoofing is the practice of sending fraudulent communication from an unknown source disguised as someone known to the receiver. They are most prevalent in communication devices that lack a high level of security. Like email. Or even a phone call.

Imagine getting an email from the boss, requesting information about a particular group of people. She needs the information right away. Send it in an Excel file, attached to this email, please.

Would you send it? 

The average worker receives 121 emails each day. They make split decisions on whether to open it, whether to act on it. Opening up to vulnerabilities can take mere seconds. But the problems can linger for months, even years.

It happened to Humana. While they don’t think malicious behavior ensued, they did offer a select group of people access to 12 months of credit monitoring and identity theft protection.

What should you do? Add fail-safe tools to your business practices. Things like:

  • Two-factor authentication
  • Firewalls to block false IP addresses
  • Penetration testing to find vulnerabilities in your systems
  • Installing anti-spoofing detection software
  • Cybersecurity training to keep employees up to date on security measures

It doesn’t take much to ensure your data is safe and secure. But it does take diligence every day.

For IT Strategy, Cloud Conversion, or Help Desk Services reach out to us at Silver Linings Technology 360-450-4759.